5836 matches found

CNVD
added 2020/12/12 12:0 a.m., 6 views

XSS Vulnerability in Tongda OA Government Edition

Tongda OA is a collaborative office automation software. An XSS vulnerability exists in Tongda OA Government Edition. The vulnerability stems from the lack of proper validation of client data in the web application, which can be exploited by remote attackers to inject arbitrary Web scripts or HTM...

6.3 AI score
Exploits: 0
Zero Day Initiative
added 2020/12/11 12:0 a.m., 38 views

Microsoft Outlook MSG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Outlook. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.5 CVSS, 2.1 AI score, 0.03727 EPSS
Exploits: 0, References: 1
OPENSUSE Linux
added 2020/12/11 12:0 a.m., 37 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:2229-1 Rating: important References: 1179576 Cross-References: CVE-2020-16037 CVE-2020-16038 CVE-2020-16039 CVE-2020-16040 CVE-2020-16041 CVE-2020-16042 Affected Products: openSUSE Backports SLE-15-SP1 An...

9.3 CVSS, 9.1 AI score, 0.99595 EPSS
Exploits: 14, References: 1
OSV
added 2020/12/09 1:12 p.m., 12 views

OPENSUSE-SU-2020:2216-1 Security update for chromium

This update for chromium fixes the following issues: Update to 87.0.4280.88 boo1179576 - CVE-2020-16037: Use after free in clipboard - CVE-2020-16038: Use after free in media - CVE-2020-16039: Use after free in extensions - CVE-2020-16040: Insufficient data validation in V8 - CVE-2020-16041: Out ...

9.3 CVSS, 7.9 AI score, 0.99595 EPSS
Exploits: 14, References: 8
Zero Day Initiative
added 2020/12/09 12:0 a.m., 26 views

Foxit Reader XFA Template Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA...

7.8 CVSS, 2.4 AI score, 0.03554 EPSS
Exploits: 0, References: 1
OPENSUSE Linux
added 2020/12/09 12:0 a.m., 41 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:2213-1 Rating: important References: 1179576 Cross-References: CVE-2020-16037 CVE-2020-16038 CVE-2020-16039 CVE-2020-16040 CVE-2020-16041 CVE-2020-16042 Affected Products: openSUSE Backports SLE-15-SP2 An...

9.3 CVSS, 9.1 AI score, 0.99595 EPSS
Exploits: 14, References: 1
Zero Day Initiative
added 2020/12/09 12:0 a.m., 62 views

X.Org Server XkbSetMap Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of XkbSetM...

7.8 CVSS, 3.7 AI score, 0.00393 EPSS
Exploits: 0, References: 1
Zero Day Initiative
added 2020/12/08 12:0 a.m., 34 views

Apple macOS Kernel Command 0x10005 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8 CVSS, 4.5 AI score, 0.00578 EPSS
Exploits: 0
Zero Day Initiative
added 2020/12/08 12:0 a.m., 38 views

Apple macOS Kernel Command 0x10006 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8 CVSS, 4.5 AI score, 0.00578 EPSS
Exploits: 0
BDU FSTEC
added 2020/12/08 12:0 a.m., 2 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to insufficient input data validation. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to insufficient validation of input data. Exploiting these vulnerabilities can allow a malicious actor to execute...

9.3 CVSS, 8 AI score, 0.10648 EPSS
Exploits: 0, References: 3
OSV
added 2020/12/07 8:14 a.m., 6 views

OPENSUSE-SU-2020:2181-1 Security update for chromium

This update for chromium fixes the following issues: Update to 87.0.4280.88 boo1179576 - CVE-2020-16037: Use after free in clipboard - CVE-2020-16038: Use after free in media - CVE-2020-16039: Use after free in extensions - CVE-2020-16040: Insufficient data validation in V8 - CVE-2020-16041: Out ...

9.3 CVSS, 7.9 AI score, 0.99595 EPSS
Exploits: 14, References: 8
Veracode
added 2020/12/06 4:9 a.m., 32 views

Remote Code Execution (RCE)

openjfx is vulnerable to remote code execution (RCE). The vulnerability exists due to the lack of proper validation of user-supplied data in HTML rendering in JavaFX which could result in a write past the end of an allocated data structure, allowing a malicious user to execute code in the context o...

8.3 CVSS, 2.2 AI score, 0.04362 EPSS
Exploits: 0, References: 5, Affected Software: 1
CNNVD
added 2020/12/04 12:0 a.m., 3 views

Google Chrome Buffer Error Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome has a security vulnerability that stems from insufficient data validation in V8. A remote attacker can exploit the vulnerability to conduct a potential attack by leveraging heap corruption via a crafted HTML page...

6.5 CVSS, 7 AI score, 0.99595 EPSS
Exploits: 14, References: 14
Zero Day Initiative
added 2020/12/03 12:0 a.m., 36 views

Apple macOS CoreGraphics JBIG2Stream Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreGraphics library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within t...

3.3 CVSS, 3.7 AI score, 0.05716 EPSS
Exploits: 0, References: 1
BDU FSTEC
added 2020/12/03 12:0 a.m., 5 views

The vulnerability of the software for Cisco Webex Meetings Server and Cisco Webex Meetings allows an intruder to gain unauthorized access to protected information.

The vulnerability of the user interface of Cisco Webex Meetings Server and Cisco Webex Meetings relates to insufficient validation of entered data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

5.3 CVSS, 5.9 AI score, 0.01546 EPSS
Exploits: 0, References: 2
FreeBSD
added 2020/12/02 12:0 a.m., 46 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 8 security fixes, including: 1142331 High CVE-2020-16037: Use after free in clipboard. Reported by Ryoya Tsukasaki on 2020-10-26 1138683 High CVE-2020-16038: Use after free in media. Reported by Khalil Zhani on 2020-10-14 1149177 High CVE-2020-16039:...

9.3 CVSS, 0.7 AI score, 0.99595 EPSS
Exploits: 14, References: 1
Tenable Nessus
added 2020/11/30 12:0 a.m., 42 views

openSUSE Security Update : chromium (openSUSE-2020-2021)

This update for chromium fixes the following issues : - Update to 87.0.4280.66 boo1178923 - Wayland support by default - CVE-2020-16018: Use after free in payments. - CVE-2020-16019: Inappropriate implementation in filesystem. - CVE-2020-16020: Inappropriate implementation in cryptohome. -...

9.6 CVSS, 7.4 AI score, 0.03011 EPSS
Exploits: 3, References: 24
OSV
added 2020/11/26 7:23 p.m., 8 views

OPENSUSE-SU-2020:2055-1 Security update for chromium

This update for chromium fixes the following issues: - Update to 87.0.4280.66 boo1178923 - Wayland support by default - CVE-2020-16018: Use after free in payments. - CVE-2020-16019: Inappropriate implementation in filesystem. - CVE-2020-16020: Inappropriate implementation in cryptohome. -...

9.6 CVSS, 7.7 AI score, 0.03011 EPSS
Exploits: 3, References: 25
OSV
added 2020/11/26 1:49 p.m., 7 views

OPENSUSE-SU-2020:2032-1 Security update for chromium

This update for chromium fixes the following issues: - Update to 87.0.4280.66 boo1178923 - Wayland support by default - CVE-2020-16018: Use after free in payments. - CVE-2020-16019: Inappropriate implementation in filesystem. - CVE-2020-16020: Inappropriate implementation in cryptohome. -...

9.6 CVSS, 7.7 AI score, 0.03011 EPSS
Exploits: 3, References: 25
OPENSUSE Linux
added 2020/11/26 12:0 a.m., 27 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:2055-1 Rating: important References: 1178923 Cross-References: CVE-2019-8075 CVE-2020-16012 CVE-2020-16014 CVE-2020-16015 CVE-2020-16018 CVE-2020-16019 CVE-2020-16020 CVE-2020-16021 CVE-2020-16022...

9.6 CVSS, 6.9 AI score, 0.03011 EPSS
Exploits: 3, References: 1